‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Thursday, November 26, 2020 11:41 AM, Hernâni Marques <hernani@vecirex.net> wrote:
Dear Cypherpunks
Adrienne Fichter, Journalist of Republik, is searching for people who hep to analyze (backdoored) Omnisec devices, ... German tweet, with her asking for action:
it's a fax encryption/decryption hardware. would be interesting to look for methods of master key extraction. the attack surface looks pretty rich: https://www.inmarsat.com/wp-content/uploads/2013/10/Inmarsat_Using_Omnisec_5... another model to consider is the Omnisec 222, often code (and bugs) re-used across model families :) look for debug pads and surprise functionality, https://github.com/grandideastudio/jtagulator , https://github.com/usb-tools/Facedancer . might need to read flash memory directly: https://libreboot.org/docs/install/rpi_setup.html attack retrieved images with Ghidra and friends. if target is hard, try glitch attacks. https://tches.iacr.org/index.php/TCHES/article/view/7390 . sounds like fun! best regards,